{"id":6,"date":"2025-01-13T16:15:35","date_gmt":"2025-01-13T16:15:35","guid":{"rendered":"https:\/\/discovery.cevolution.co.uk\/iam\/?page_id=5"},"modified":"2026-01-22T16:18:58","modified_gmt":"2026-01-22T16:18:58","slug":"authenticate","status":"publish","type":"page","link":"https:\/\/discovery.cevolution.co.uk\/ciam\/authenticate\/","title":{"rendered":"Authenticate"},"content":{"rendered":"\n<div class=\"wp-block-group alignfull ciamsticky is-layout-flow wp-block-group-is-layout-flow\" style=\"padding-top:var(--wp--preset--spacing--20);padding-right:var(--wp--preset--spacing--20);padding-bottom:var(--wp--preset--spacing--20);padding-left:var(--wp--preset--spacing--20)\">\n<div class=\"wp-block-group has-accent-5-background-color has-text-color has-background has-link-color wp-elements-5ec195d42a06e7b6e80074735a8c8919 has-global-padding is-layout-constrained wp-container-core-group-is-layout-ff778368 wp-block-group-is-layout-constrained\" style=\"border-width:1px;border-radius:10px;color:#353434;padding-right:var(--wp--preset--spacing--30);padding-left:var(--wp--preset--spacing--30);box-shadow:var(--wp--preset--shadow--deep)\">\n<div class=\"wp-block-group alignwide is-content-justification-space-between is-nowrap is-layout-flex wp-container-core-group-is-layout-8165f36a wp-block-group-is-layout-flex\" style=\"padding-top:var(--wp--preset--spacing--30);padding-bottom:var(--wp--preset--spacing--30)\"><p class=\"wp-block-site-title\"><a href=\"https:\/\/discovery.cevolution.co.uk\/ciam\" target=\"_self\" rel=\"home\">Discover CIAM<\/a><\/p>\n\n\n<div class=\"wp-block-group is-content-justification-right is-nowrap is-layout-flex wp-container-core-group-is-layout-82baacbd wp-block-group-is-layout-flex\"><nav class=\"is-responsive items-justified-left wp-block-navigation is-content-justification-left is-layout-flex wp-container-core-navigation-is-layout-24a44033 wp-block-navigation-is-layout-flex\" aria-label=\"Navigation\" \n\t\t data-wp-interactive=\"core\/navigation\" data-wp-context='{\"overlayOpenedBy\":{\"click\":false,\"hover\":false,\"focus\":false},\"type\":\"overlay\",\"roleAttribute\":\"\",\"ariaLabel\":\"Menu\"}'><button aria-haspopup=\"dialog\" aria-label=\"Open menu\" class=\"wp-block-navigation__responsive-container-open\" \n\t\t\t\tdata-wp-on--click=\"actions.openMenuOnClick\"\n\t\t\t\tdata-wp-on--keydown=\"actions.handleMenuKeydown\"\n\t\t\t><svg width=\"24\" height=\"24\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" viewBox=\"0 0 24 24\" aria-hidden=\"true\" focusable=\"false\"><path d=\"M4 7.5h16v1.5H4z\"><\/path><path d=\"M4 15h16v1.5H4z\"><\/path><\/svg><\/button>\n\t\t\t\t<div class=\"wp-block-navigation__responsive-container  has-text-color has-contrast-color has-background has-accent-5-background-color\"  id=\"modal-1\" \n\t\t\t\tdata-wp-class--has-modal-open=\"state.isMenuOpen\"\n\t\t\t\tdata-wp-class--is-menu-open=\"state.isMenuOpen\"\n\t\t\t\tdata-wp-watch=\"callbacks.initMenu\"\n\t\t\t\tdata-wp-on--keydown=\"actions.handleMenuKeydown\"\n\t\t\t\tdata-wp-on--focusout=\"actions.handleMenuFocusout\"\n\t\t\t\ttabindex=\"-1\"\n\t\t\t>\n\t\t\t\t\t<div class=\"wp-block-navigation__responsive-close\" tabindex=\"-1\">\n\t\t\t\t\t\t<div class=\"wp-block-navigation__responsive-dialog\" \n\t\t\t\tdata-wp-bind--aria-modal=\"state.ariaModal\"\n\t\t\t\tdata-wp-bind--aria-label=\"state.ariaLabel\"\n\t\t\t\tdata-wp-bind--role=\"state.roleAttribute\"\n\t\t\t>\n\t\t\t\t\t\t\t<button aria-label=\"Close menu\" class=\"wp-block-navigation__responsive-container-close\" \n\t\t\t\tdata-wp-on--click=\"actions.closeMenuOnClick\"\n\t\t\t><svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" viewBox=\"0 0 24 24\" width=\"24\" height=\"24\" aria-hidden=\"true\" focusable=\"false\"><path d=\"m13.06 12 6.47-6.47-1.06-1.06L12 10.94 5.53 4.47 4.47 5.53 10.94 12l-6.47 6.47 1.06 1.06L12 13.06l6.47 6.47 1.06-1.06L13.06 12Z\"><\/path><\/svg><\/button>\n\t\t\t\t\t\t\t<div class=\"wp-block-navigation__responsive-container-content\" \n\t\t\t\tdata-wp-watch=\"callbacks.focusFirstElement\"\n\t\t\t id=\"modal-1-content\">\n\t\t\t\t\t\t\t\t<ul class=\"wp-block-navigation__container is-responsive items-justified-left wp-block-navigation\"><li data-wp-context=\"{ &quot;submenuOpenedBy&quot;: { &quot;click&quot;: false, &quot;hover&quot;: false, &quot;focus&quot;: false }, &quot;type&quot;: &quot;submenu&quot;, &quot;modal&quot;: null, &quot;previousFocus&quot;: null }\" data-wp-interactive=\"core\/navigation\" data-wp-on--focusout=\"actions.handleMenuFocusout\" data-wp-on--keydown=\"actions.handleMenuKeydown\" data-wp-on--mouseenter=\"actions.openMenuOnHover\" data-wp-on--mouseleave=\"actions.closeMenuOnHover\" data-wp-watch=\"callbacks.initMenu\" tabindex=\"-1\" class=\"wp-block-navigation-item has-child open-on-hover-click wp-block-navigation-submenu\"><a class=\"wp-block-navigation-item__content\" href=\"https:\/\/discovery.cevolution.co.uk\/ciam\/authenticate\"><span class=\"wp-block-navigation-item__label\">Authenticate<\/span><\/a><button data-wp-bind--aria-expanded=\"state.isMenuOpen\" data-wp-on--click=\"actions.toggleMenuOnClick\" aria-label=\"Authenticate submenu\" class=\"wp-block-navigation__submenu-icon wp-block-navigation-submenu__toggle\" ><svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"12\" height=\"12\" viewBox=\"0 0 12 12\" fill=\"none\" aria-hidden=\"true\" focusable=\"false\"><path d=\"M1.50002 4L6.00002 8L10.5 4\" stroke-width=\"1.5\"><\/path><\/svg><\/button><ul data-wp-on--focus=\"actions.openMenuOnFocus\" class=\"wp-block-navigation__submenu-container has-text-color has-contrast-color has-background has-accent-5-background-color wp-block-navigation-submenu\"><li data-wp-context=\"{ &quot;submenuOpenedBy&quot;: { &quot;click&quot;: false, &quot;hover&quot;: false, &quot;focus&quot;: false }, &quot;type&quot;: &quot;submenu&quot;, &quot;modal&quot;: null, &quot;previousFocus&quot;: null }\" data-wp-interactive=\"core\/navigation\" data-wp-on--focusout=\"actions.handleMenuFocusout\" data-wp-on--keydown=\"actions.handleMenuKeydown\" data-wp-on--mouseenter=\"actions.openMenuOnHover\" data-wp-on--mouseleave=\"actions.closeMenuOnHover\" data-wp-watch=\"callbacks.initMenu\" tabindex=\"-1\" class=\"wp-block-navigation-item has-child open-on-hover-click wp-block-navigation-submenu\"><a class=\"wp-block-navigation-item__content\" href=\"https:\/\/discovery.cevolution.co.uk\/ciam\/authenticate\/login\/\"><span class=\"wp-block-navigation-item__label\">Login<\/span><\/a><button data-wp-bind--aria-expanded=\"state.isMenuOpen\" data-wp-on--click=\"actions.toggleMenuOnClick\" aria-label=\"Login submenu\" class=\"wp-block-navigation__submenu-icon wp-block-navigation-submenu__toggle\" ><svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"12\" height=\"12\" viewBox=\"0 0 12 12\" fill=\"none\" aria-hidden=\"true\" focusable=\"false\"><path d=\"M1.50002 4L6.00002 8L10.5 4\" stroke-width=\"1.5\"><\/path><\/svg><\/button><ul data-wp-on--focus=\"actions.openMenuOnFocus\" class=\"wp-block-navigation__submenu-container has-text-color has-contrast-color has-background has-accent-5-background-color wp-block-navigation-submenu\"><li class=\" wp-block-navigation-item wp-block-navigation-link\"><a class=\"wp-block-navigation-item__content\"  href=\"https:\/\/discovery.cevolution.co.uk\/ciam\/authenticate\/login\/passkeys\/\"><span class=\"wp-block-navigation-item__label\">Passkeys<\/span><\/a><\/li><li class=\" wp-block-navigation-item wp-block-navigation-link\"><a class=\"wp-block-navigation-item__content\"  href=\"https:\/\/discovery.cevolution.co.uk\/ciam\/authenticate\/login\/passwordless\/\"><span class=\"wp-block-navigation-item__label\">Passwordless<\/span><\/a><\/li><li class=\" wp-block-navigation-item wp-block-navigation-link\"><a class=\"wp-block-navigation-item__content\"  href=\"https:\/\/discovery.cevolution.co.uk\/ciam\/authenticate\/login\/federation\/\"><span class=\"wp-block-navigation-item__label\">Federation<\/span><\/a><\/li><li class=\" wp-block-navigation-item wp-block-navigation-link\"><a class=\"wp-block-navigation-item__content\"  href=\"https:\/\/discovery.cevolution.co.uk\/ciam\/authenticate\/login\/social\/\"><span class=\"wp-block-navigation-item__label\">Social<\/span><\/a><\/li><li class=\" wp-block-navigation-item wp-block-navigation-link\"><a class=\"wp-block-navigation-item__content\"  href=\"https:\/\/discovery.cevolution.co.uk\/ciam\/authenticate\/login\/sso\/\"><span class=\"wp-block-navigation-item__label\">SSO<\/span><\/a><\/li><\/ul><\/li><li class=\" wp-block-navigation-item wp-block-navigation-link\"><a class=\"wp-block-navigation-item__content\"  href=\"https:\/\/discovery.cevolution.co.uk\/ciam\/authenticate\/mfa\/\"><span class=\"wp-block-navigation-item__label\">MFA<\/span><\/a><\/li><\/ul><\/li><li data-wp-context=\"{ &quot;submenuOpenedBy&quot;: { &quot;click&quot;: false, &quot;hover&quot;: false, &quot;focus&quot;: false }, &quot;type&quot;: &quot;submenu&quot;, &quot;modal&quot;: null, &quot;previousFocus&quot;: null }\" data-wp-interactive=\"core\/navigation\" data-wp-on--focusout=\"actions.handleMenuFocusout\" data-wp-on--keydown=\"actions.handleMenuKeydown\" data-wp-on--mouseenter=\"actions.openMenuOnHover\" data-wp-on--mouseleave=\"actions.closeMenuOnHover\" data-wp-watch=\"callbacks.initMenu\" tabindex=\"-1\" class=\"wp-block-navigation-item has-child open-on-hover-click wp-block-navigation-submenu\"><a class=\"wp-block-navigation-item__content\" href=\"https:\/\/discovery.cevolution.co.uk\/ciam\/authorize\"><span class=\"wp-block-navigation-item__label\">Authorize<\/span><\/a><button data-wp-bind--aria-expanded=\"state.isMenuOpen\" data-wp-on--click=\"actions.toggleMenuOnClick\" aria-label=\"Authorize submenu\" class=\"wp-block-navigation__submenu-icon wp-block-navigation-submenu__toggle\" ><svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"12\" height=\"12\" viewBox=\"0 0 12 12\" fill=\"none\" aria-hidden=\"true\" focusable=\"false\"><path d=\"M1.50002 4L6.00002 8L10.5 4\" stroke-width=\"1.5\"><\/path><\/svg><\/button><ul data-wp-on--focus=\"actions.openMenuOnFocus\" class=\"wp-block-navigation__submenu-container has-text-color has-contrast-color has-background has-accent-5-background-color wp-block-navigation-submenu\"><li class=\" wp-block-navigation-item wp-block-navigation-link\"><a class=\"wp-block-navigation-item__content\"  href=\"https:\/\/discovery.cevolution.co.uk\/ciam\/authorize\/access-control\/\"><span class=\"wp-block-navigation-item__label\">Access Control<\/span><\/a><\/li><li class=\" wp-block-navigation-item wp-block-navigation-link\"><a class=\"wp-block-navigation-item__content\"  href=\"https:\/\/discovery.cevolution.co.uk\/ciam\/authorize\/consent\/\"><span class=\"wp-block-navigation-item__label\">Consent<\/span><\/a><\/li><\/ul><\/li><li data-wp-context=\"{ &quot;submenuOpenedBy&quot;: { &quot;click&quot;: false, &quot;hover&quot;: false, &quot;focus&quot;: false }, &quot;type&quot;: &quot;submenu&quot;, &quot;modal&quot;: null, &quot;previousFocus&quot;: null }\" data-wp-interactive=\"core\/navigation\" data-wp-on--focusout=\"actions.handleMenuFocusout\" data-wp-on--keydown=\"actions.handleMenuKeydown\" data-wp-on--mouseenter=\"actions.openMenuOnHover\" data-wp-on--mouseleave=\"actions.closeMenuOnHover\" data-wp-watch=\"callbacks.initMenu\" tabindex=\"-1\" class=\"wp-block-navigation-item has-child open-on-hover-click wp-block-navigation-submenu\"><a class=\"wp-block-navigation-item__content\" href=\"https:\/\/discovery.cevolution.co.uk\/ciam\/manage\"><span class=\"wp-block-navigation-item__label\">Manage<\/span><\/a><button data-wp-bind--aria-expanded=\"state.isMenuOpen\" data-wp-on--click=\"actions.toggleMenuOnClick\" aria-label=\"Manage submenu\" class=\"wp-block-navigation__submenu-icon wp-block-navigation-submenu__toggle\" ><svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"12\" height=\"12\" viewBox=\"0 0 12 12\" fill=\"none\" aria-hidden=\"true\" focusable=\"false\"><path d=\"M1.50002 4L6.00002 8L10.5 4\" stroke-width=\"1.5\"><\/path><\/svg><\/button><ul data-wp-on--focus=\"actions.openMenuOnFocus\" class=\"wp-block-navigation__submenu-container has-text-color has-contrast-color has-background has-accent-5-background-color wp-block-navigation-submenu\"><li class=\" wp-block-navigation-item wp-block-navigation-link\"><a class=\"wp-block-navigation-item__content\"  href=\"https:\/\/discovery.cevolution.co.uk\/ciam\/manage\/user\/\"><span class=\"wp-block-navigation-item__label\">Users<\/span><\/a><\/li><li class=\" wp-block-navigation-item wp-block-navigation-link\"><a class=\"wp-block-navigation-item__content\"  href=\"https:\/\/discovery.cevolution.co.uk\/ciam\/manage\/brand\/\"><span class=\"wp-block-navigation-item__label\">Brand<\/span><\/a><\/li><\/ul><\/li><li class=\" wp-block-navigation-item wp-block-navigation-link\"><a class=\"wp-block-navigation-item__content\"  href=\"https:\/\/discovery.cevolution.co.uk\/ciam\/protect\"><span class=\"wp-block-navigation-item__label\">Protect<\/span><\/a><\/li><li class=\" wp-block-navigation-item wp-block-navigation-link\"><a class=\"wp-block-navigation-item__content\"  href=\"https:\/\/discovery.cevolution.co.uk\/ciam\/blog\/\"><span class=\"wp-block-navigation-item__label\">Blog<\/span><\/a><\/li><\/ul>\n\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div><\/nav><\/div>\n<\/div>\n<\/div>\n<\/div>\n\n\n\n<div class=\"wp-block-cover alignfull is-light has-custom-content-position is-position-top-center ciamcover\" style=\"margin-top:0;margin-bottom:0;padding-top:0;padding-right:0;padding-bottom:0;padding-left:0;min-height:840px;aspect-ratio:unset;\"><span aria-hidden=\"true\" class=\"wp-block-cover__background has-background-dim\"><\/span><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"768\" src=\"https:\/\/discovery-bucket-ha60ib.s3.eu-west-2.amazonaws.com\/wp-content\/uploads\/sites\/22\/2025\/01\/13142600\/a-highly-detailed-high-resolution-image-featuring-both-users-and-machines.png\" class=\"wp-block-cover__image-background wp-post-image\" alt=\"\" data-object-fit=\"cover\" data-object-position=\"50% 100%\" style=\"object-position:50% 100%;\" srcset=\"https:\/\/discovery-bucket-ha60ib.s3.eu-west-2.amazonaws.com\/wp-content\/uploads\/sites\/22\/2025\/01\/13142600\/a-highly-detailed-high-resolution-image-featuring-both-users-and-machines.png 1024w, https:\/\/discovery-bucket-ha60ib.s3.eu-west-2.amazonaws.com\/wp-content\/uploads\/sites\/22\/2025\/01\/13142600\/a-highly-detailed-high-resolution-image-featuring-both-users-and-machines-300x225.png 300w, https:\/\/discovery-bucket-ha60ib.s3.eu-west-2.amazonaws.com\/wp-content\/uploads\/sites\/22\/2025\/01\/13142600\/a-highly-detailed-high-resolution-image-featuring-both-users-and-machines-768x576.png 768w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><div class=\"wp-block-cover__inner-container is-layout-flow wp-container-core-cover-is-layout-e603688c wp-block-cover-is-layout-flow\">\n<div class=\"wp-block-group is-vertical is-content-justification-stretch is-layout-flex wp-container-core-group-is-layout-64be3dce wp-block-group-is-layout-flex\" style=\"min-height:780px\">\n<div class=\"wp-block-group alignwide has-base-color has-text-color has-link-color wp-elements-e46197a7095b1389c3f8817cfccbac12 has-global-padding is-content-justification-left is-layout-constrained wp-container-core-group-is-layout-0a0f4438 wp-block-group-is-layout-constrained\" style=\"padding-right:var(--wp--preset--spacing--50);padding-left:var(--wp--preset--spacing--50)\">\n<p class=\"has-x-large-font-size\">Authentication is the process of identifying access to a system to secure the functionality it provides.<\/p>\n<\/div>\n<\/div>\n<\/div><\/div>\n\n\n\n<div class=\"wp-block-group alignfull is-style-section-5 has-global-padding is-layout-constrained wp-block-group-is-layout-constrained is-style-section-5--3\" style=\"margin-top:0;margin-bottom:0;padding-top:var(--wp--preset--spacing--60);padding-bottom:var(--wp--preset--spacing--60)\">\n<div class=\"wp-block-columns alignwide are-vertically-aligned-center is-layout-flex wp-container-core-columns-is-layout-28f84493 wp-block-columns-is-layout-flex\">\n<div class=\"wp-block-column is-vertically-aligned-center is-layout-flow wp-block-column-is-layout-flow\" style=\"flex-basis:33.33%\">\n<p class=\"has-text-align-left has-neve-text-color-color has-text-color\">Authentication, however, isn&#8217;t just about security: a good authentication solution can help you provide a consistent experience no matter how your application is used.<\/p>\n<\/div>\n\n\n\n<div class=\"wp-block-column is-vertically-aligned-center is-layout-flow wp-block-column-is-layout-flow\" style=\"flex-basis:33.33%\">\n<figure class=\"wp-block-image aligncenter size-large is-resized is-style-rounded\"><img decoding=\"async\" src=\"https:\/\/discovery-bucket-ha60ib.s3.eu-west-2.amazonaws.com\/wp-content\/uploads\/sites\/4\/2024\/04\/19202418\/profile-769x1024.jpg\" alt=\"\" class=\"wp-image-6218\" style=\"aspect-ratio:1;object-fit:cover;width:192px;height:auto\"\/><\/figure>\n<\/div>\n\n\n\n<div class=\"wp-block-column is-vertically-aligned-center is-layout-flow wp-block-column-is-layout-flow\" style=\"flex-basis:33.33%\">\n<p class=\"has-text-align-right has-neve-text-color-color has-text-color\">Hi, I&#8217;m <span class=\"popup-trigger popmake-378\" data-popup-id=\"378\" data-do-default=\"0\">Peter Fernandez<\/span>, and as a <span class=\"popup-trigger popmake-1185\" data-popup-id=\"1185\" data-do-default=\"0\">CIAM<\/span> expert, I want to share my experience building modern Authentication (a.k.a. AuthN) into modern applications.<\/p>\n<\/div>\n<\/div>\n<\/div>\n\n\n\n<div class=\"wp-block-group alignfull is-style-default has-base-color has-accent-6-background-color has-text-color has-background has-link-color wp-elements-488b323cb31c4632e5f1d76b210b3865 has-global-padding is-layout-constrained wp-block-group-is-layout-constrained\" style=\"margin-top:0;margin-bottom:0;padding-top:var(--wp--preset--spacing--60);padding-bottom:var(--wp--preset--spacing--60)\">\n<div class=\"wp-block-columns alignwide is-layout-flex wp-container-core-columns-is-layout-28f84493 wp-block-columns-is-layout-flex\">\n<div class=\"wp-block-column is-vertically-aligned-center has-contrast-color has-text-color has-link-color wp-elements-548687ef31e0a09ac30fbb91e6997885 is-layout-flow wp-block-column-is-layout-flow\" style=\"flex-basis:50%\">\n<p class=\"has-text-align-center has-neve-text-color-color has-text-color\" id=\"scenarios\">Authentication in a <span class=\"popup-trigger popmake-1185\" data-popup-id=\"1185\" data-do-default=\"0\">CIAM<\/span> context comes in all shapes and sizes. From <span class=\"popup-trigger popmake-1354\" data-popup-id=\"1354\" data-do-default=\"0\">B2C<\/span> scenarios, where users are your direct customers, to <span class=\"popup-trigger popmake-418\" data-popup-id=\"418\" data-do-default=\"0\">B2B<\/span> and B2B2C scenarios, where users are employees or other people&#8217;s customers. With workflows using <span class=\"popup-trigger popmake-397\" data-popup-id=\"397\" data-do-default=\"0\">SSO<\/span>,  <a href=\"https:\/\/discovery.cevolution.co.uk\/ciam\/authenticate\/login\/passwordless\/\" data-type=\"page\" data-id=\"1149\" target=\"_blank\" rel=\"noreferrer noopener\">Passwordless<\/a>, <span class=\"popup-trigger popmake-1879\" data-popup-id=\"1879\" data-do-default=\"0\">Passkeys<\/span>, <span class=\"popup-trigger popmake-428\" data-popup-id=\"428\" data-do-default=\"0\">MFA<\/span>, <span class=\"popup-trigger popmake-523\" data-popup-id=\"523\" data-do-default=\"0\">Social<\/span> and <a href=\"https:\/\/discovery.cevolution.co.uk\/ciam\/authenticate\/login\/federation\/\" data-type=\"page\" data-id=\"1136\" target=\"_blank\" rel=\"noreferrer noopener\">Federation<\/a>, through service-level access using client credentials and the various combinations in between, there are numerous potential situations you&#8217;ll need to consider.<\/p>\n<\/div>\n\n\n\n<div class=\"wp-block-column is-vertically-aligned-center has-accent-4-color has-text-color has-link-color wp-elements-22432b96568b6365d50086995cf6249e is-layout-flow wp-block-column-is-layout-flow\" style=\"flex-basis:50%\">\n<div data-wp-context=\"{}\" data-wp-interactive=\"core\/query\" data-wp-key=\"3\" data-wp-router-region=\"query-3\" class=\"wp-block-query alignwide has-global-padding is-layout-constrained wp-block-query-is-layout-constrained\"><ul class=\"columns-1 wp-block-post-template has-small-font-size is-layout-grid wp-container-core-post-template-is-layout-2fe809ea wp-block-post-template-is-layout-grid\"><li data-wp-key=\"post-template-item-1890\" class=\"wp-block-post post-1890 post type-post status-publish format-standard has-post-thumbnail hentry category-authentication tag-architecturalscenarios tag-architecture tag-authenticationarchitectures tag-b2b tag-b2c tag-saas\">\n\n<div class=\"wp-block-group has-global-padding is-layout-constrained wp-block-group-is-layout-constrained\" style=\"padding-bottom:var(--wp--preset--spacing--50)\"><h2 style=\"margin-top:var(--wp--preset--spacing--30);\" class=\"has-text-align-center has-link-color wp-elements-2a622048c44497ff8d84c7dd4c1c2670 wp-block-post-title has-text-color has-contrast-color has-medium-font-size\"><a href=\"https:\/\/discovery.cevolution.co.uk\/ciam\/2025\/03\/25\/b2c-and-b2b-saas-authentication-architectures\/\" target=\"_self\" >B2C and B2B SaaS Authentication Architectures<\/a><\/h2>\n\n<figure style=\"aspect-ratio:auto;\" class=\"wp-block-post-featured-image\"><a href=\"https:\/\/discovery.cevolution.co.uk\/ciam\/2025\/03\/25\/b2c-and-b2b-saas-authentication-architectures\/\" target=\"_blank\"  ><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"768\" src=\"https:\/\/discovery-bucket-ha60ib.s3.eu-west-2.amazonaws.com\/wp-content\/uploads\/sites\/22\/2025\/03\/25184210\/create-a-highly-detailed-high-resolution-image-that-visually-represents-the-5.png\" class=\"attachment-post-thumbnail size-post-thumbnail wp-post-image\" alt=\"B2C and B2B SaaS Authentication Architectures\" style=\"border-radius:20px;border-width:1px;width:100%;height:100%;object-fit:cover;box-shadow:var(--wp--preset--shadow--deep);\" srcset=\"https:\/\/discovery-bucket-ha60ib.s3.eu-west-2.amazonaws.com\/wp-content\/uploads\/sites\/22\/2025\/03\/25184210\/create-a-highly-detailed-high-resolution-image-that-visually-represents-the-5.png 1024w, https:\/\/discovery-bucket-ha60ib.s3.eu-west-2.amazonaws.com\/wp-content\/uploads\/sites\/22\/2025\/03\/25184210\/create-a-highly-detailed-high-resolution-image-that-visually-represents-the-5-300x225.png 300w, https:\/\/discovery-bucket-ha60ib.s3.eu-west-2.amazonaws.com\/wp-content\/uploads\/sites\/22\/2025\/03\/25184210\/create-a-highly-detailed-high-resolution-image-that-visually-represents-the-5-768x576.png 768w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/a><\/figure>\n\n\n<p class=\"has-text-align-center has-contrast-color has-text-color has-link-color has-small-font-size wp-elements-2a6b4263945450936cc1481cd59d74c4\"><em>Click to read the blog post<\/em><\/p>\n<\/div>\n\n<\/li><\/ul><\/div>\n<\/div>\n<\/div>\n<\/div>\n\n\n\n<div class=\"wp-block-group alignfull is-style-default has-base-color has-text-color has-link-color wp-elements-97b0565cdc4c1578a938977a14416b28 has-global-padding is-layout-constrained wp-block-group-is-layout-constrained\" style=\"margin-top:0;margin-bottom:0;padding-top:var(--wp--preset--spacing--60);padding-bottom:var(--wp--preset--spacing--60)\">\n<div class=\"wp-block-columns alignwide is-layout-flex wp-container-core-columns-is-layout-28f84493 wp-block-columns-is-layout-flex\">\n<div class=\"wp-block-column is-vertically-aligned-center has-contrast-color has-text-color has-link-color wp-elements-67780431a026760134fdd63e8b1be149 is-layout-flow wp-block-column-is-layout-flow\" style=\"flex-basis:50%\"><h2 class=\"wp-block-heading has-text-align-center has-neve-text-color-color has-text-color\" id=\"authentication-architecture\">Authentication Architecture<\/h2>\n\n\n<p class=\"has-text-align-center has-neve-text-color-color has-text-color\">From a CIAM perspective, the preferred mechanism of choice when it comes to Authentication should be the use of an<strong> Identity Provider<\/strong>. An Identity Provider, commonly referred to as an <span class=\"popup-trigger popmake-415\" data-popup-id=\"415\" data-do-default=\"0\">IdP<\/span> (or IDP), is typically deployed as an application-independent centralised service and is responsible for verifying a customer\u2019s identity when they attempt <span class=\"popup-trigger popmake-2946\" data-popup-id=\"2946\" data-do-default=\"0\">SaaS<\/span> solution access. An IdP will leverage industry standards, such as <span class=\"popup-trigger popmake-407\" data-popup-id=\"407\" data-do-default=\"0\">OIDC<\/span>, enabling the likes of <span class=\"popup-trigger popmake-397\" data-popup-id=\"397\" data-do-default=\"0\">SSO<\/span> via the various <span class=\"popup-trigger popmake-2228\" data-popup-id=\"2228\" data-do-default=\"0\">first-factor<\/span> authentication methods to maintain a seamless user experience.<\/p>\n<\/div>\n\n\n\n<div class=\"wp-block-column is-vertically-aligned-center has-accent-4-color has-text-color has-link-color wp-elements-e896e4e9793029d78dac7629318f0057 is-layout-flow wp-block-column-is-layout-flow\" style=\"flex-basis:50%\">\n<div data-wp-context=\"{}\" data-wp-interactive=\"core\/query\" data-wp-key=\"3\" data-wp-router-region=\"query-3\" class=\"wp-block-query alignwide has-global-padding is-layout-constrained wp-block-query-is-layout-constrained\"><ul class=\"columns-1 wp-block-post-template has-small-font-size is-layout-grid wp-container-core-post-template-is-layout-2fe809ea wp-block-post-template-is-layout-grid\"><li data-wp-key=\"post-template-item-2709\" class=\"wp-block-post post-2709 post type-post status-publish format-standard has-post-thumbnail hentry category-integration tag-architecture tag-b2b tag-b2c tag-ciam tag-modernciamarchitecture tag-saas\">\n\n<div class=\"wp-block-group has-global-padding is-layout-constrained wp-block-group-is-layout-constrained\" style=\"padding-bottom:var(--wp--preset--spacing--50)\"><h2 style=\"margin-top:var(--wp--preset--spacing--30);\" class=\"has-text-align-center has-link-color wp-elements-2a622048c44497ff8d84c7dd4c1c2670 wp-block-post-title has-text-color has-contrast-color has-medium-font-size\"><a href=\"https:\/\/discovery.cevolution.co.uk\/ciam\/2025\/04\/09\/architecting-a-modern-ciam-solution\/\" target=\"_self\" >Architecting a CIAM Solution<\/a><\/h2>\n\n<figure style=\"aspect-ratio:auto;\" class=\"wp-block-post-featured-image\"><a href=\"https:\/\/discovery.cevolution.co.uk\/ciam\/2025\/04\/09\/architecting-a-modern-ciam-solution\/\" target=\"_blank\"  ><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"768\" src=\"https:\/\/discovery-bucket-ha60ib.s3.eu-west-2.amazonaws.com\/wp-content\/uploads\/sites\/22\/2025\/04\/07123553\/architecture.png\" class=\"attachment-post-thumbnail size-post-thumbnail wp-post-image\" alt=\"Architecting a CIAM Solution\" style=\"border-radius:20px;border-width:1px;width:100%;height:100%;object-fit:cover;box-shadow:var(--wp--preset--shadow--deep);\" srcset=\"https:\/\/discovery-bucket-ha60ib.s3.eu-west-2.amazonaws.com\/wp-content\/uploads\/sites\/22\/2025\/04\/07123553\/architecture.png 1024w, https:\/\/discovery-bucket-ha60ib.s3.eu-west-2.amazonaws.com\/wp-content\/uploads\/sites\/22\/2025\/04\/07123553\/architecture-300x225.png 300w, https:\/\/discovery-bucket-ha60ib.s3.eu-west-2.amazonaws.com\/wp-content\/uploads\/sites\/22\/2025\/04\/07123553\/architecture-768x576.png 768w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/a><\/figure>\n\n\n<p class=\"has-text-align-center has-contrast-color has-text-color has-link-color has-small-font-size wp-elements-2a6b4263945450936cc1481cd59d74c4\"><em>Click to read the blog post<\/em><\/p>\n<\/div>\n\n<\/li><\/ul><\/div>\n<\/div>\n<\/div>\n<\/div>\n\n\n\n<div class=\"wp-block-group alignfull is-style-default has-accent-5-color has-accent-4-background-color has-text-color has-background has-link-color wp-elements-c57738b75b7425dd50ca8bb2d6569edd has-global-padding is-layout-constrained wp-block-group-is-layout-constrained\" style=\"margin-top:0;margin-bottom:0;padding-top:var(--wp--preset--spacing--60);padding-bottom:var(--wp--preset--spacing--60)\">\n<div class=\"wp-block-columns alignwide is-layout-flex wp-container-core-columns-is-layout-28f84493 wp-block-columns-is-layout-flex\">\n<div class=\"wp-block-column is-vertically-aligned-center is-layout-flow wp-block-column-is-layout-flow\" style=\"flex-basis:50%\"><h2 class=\"wp-block-heading has-text-align-left has-neve-text-color-color has-text-color\" id=\"user-authentication\">User Credentials<\/h2>\n\n\n<p class=\"has-text-align-left has-neve-text-color-color has-text-color\">Using user-based credentials (e.g. User ID, Password, etc.), the process of identification based on an actual user is typically performed via the interactive <span class=\"popup-trigger popmake-1437\" data-popup-id=\"1437\" data-do-default=\"0\">Login<\/span> process with which we&#8217;re all familiar. But even if your application doesn&#8217;t require secure access, implementing user-based authentication can still enable you to provide your users with consistency, such as a consistent profile context, which they can take with them no matter how they log in.<\/p>\n<\/div>\n\n\n\n<div class=\"wp-block-column is-vertically-aligned-center is-layout-flow wp-block-column-is-layout-flow\" style=\"flex-basis:50%\"><h2 class=\"wp-block-heading has-text-align-right has-neve-text-color-color has-text-color\" id=\"machine-authentication\">Client Credentials<\/h2>\n\n\n<p class=\"has-text-align-right has-neve-text-color-color has-text-color\">Whilst most applications will operate on behalf of a user, there are circumstances where there is no human interaction. This can occur between services, machines, or devices when they need to communicate securely with each other, either in a foreground or background context. In such cases, a known set of credentials is utilised instead of an (interactive) <span class=\"popup-trigger popmake-1437\" data-popup-id=\"1437\" data-do-default=\"0\">Login<\/span> and is typically supported in situations where a user was never present at all.<\/p>\n<\/div>\n<\/div>\n<\/div>\n\n\n\n<div class=\"wp-block-group alignfull is-style-default has-contrast-color has-accent-6-background-color has-text-color has-background has-link-color wp-elements-88c8fedc54c8ceb2dacf343433563612 has-global-padding is-layout-constrained wp-block-group-is-layout-constrained\" style=\"margin-top:0;margin-bottom:0;padding-top:var(--wp--preset--spacing--60);padding-bottom:var(--wp--preset--spacing--60)\">\n<div class=\"wp-block-columns alignwide is-layout-flex wp-container-core-columns-is-layout-28f84493 wp-block-columns-is-layout-flex\">\n<div class=\"wp-block-column is-vertically-aligned-center is-layout-flow wp-block-column-is-layout-flow\" style=\"flex-basis:50%\"><h2 class=\"wp-block-heading has-text-align-left has-nv-text-dark-bg-color has-text-color\" id=\"login\">Login vs&#8230;<\/h2>\n\n\n<p class=\"has-text-align-left has-nv-text-dark-bg-color has-text-color\"><span class=\"popup-trigger popmake-1437\" data-popup-id=\"1437\" data-do-default=\"0\">Login<\/span>, also referred to as sign-in, typically starts with an interaction where a user supplies their credentials for verification. Credentials come in a number of different forms, the most familiar being the UserID and Password. But forms associated with Passwordless authentication, Passkeys, Social, and (Enterprise) Federation scenarios exist too. Once credentials are verified, an application will typically establish the session for the user, optionally with an <span class=\"popup-trigger popmake-397\" data-popup-id=\"397\" data-do-default=\"0\">SSO<\/span> context established too.<\/p>\n<\/div>\n\n\n\n<div class=\"wp-block-column is-vertically-aligned-center is-layout-flow wp-block-column-is-layout-flow\" style=\"flex-basis:50%\"><h2 class=\"wp-block-heading has-text-align-right has-nv-text-dark-bg-color has-text-color\" id=\"logout\">&#8230;Logout<\/h2>\n\n\n<p class=\"has-text-align-right has-nv-text-dark-bg-color has-text-color\">The converse process is known as Logout. Once a user has finished interacting with an application, they will typically terminate their session explicitly via a logout, effectively de-authenticating. Alternatively, the application will terminate the session implicitly if no user interaction has occurred for a period of time. Optionally, a Logout can also terminate any <span class=\"popup-trigger popmake-397\" data-popup-id=\"397\" data-do-default=\"0\">SSO<\/span> context, so that the user must again engage with the <span class=\"popup-trigger popmake-1437\" data-popup-id=\"1437\" data-do-default=\"0\">Login<\/span> process interactively if they wish to continue.<\/p>\n<\/div>\n<\/div>\n<\/div>\n\n\n\n<div class=\"wp-block-group alignfull is-style-default has-contrast-color has-base-background-color has-text-color has-background has-link-color wp-elements-39820841b8e270ff5a3b7c703daf5848 has-global-padding is-layout-constrained wp-block-group-is-layout-constrained\" style=\"margin-top:0;margin-bottom:0;padding-top:var(--wp--preset--spacing--60);padding-bottom:var(--wp--preset--spacing--60)\">\n<div class=\"wp-block-columns alignwide is-layout-flex wp-container-core-columns-is-layout-28f84493 wp-block-columns-is-layout-flex\">\n<div class=\"wp-block-column is-vertically-aligned-center is-layout-flow wp-block-column-is-layout-flow\" style=\"flex-basis:50%\"><h2 class=\"wp-block-heading has-text-align-left has-nv-text-dark-bg-color has-text-color\" id=\"first-factor\">First-Factor&#8230;<\/h2>\n\n\n<p class=\"has-text-align-left has-nv-text-dark-bg-color has-text-color\">The degree to which user authenticity (and, in some cases, client authenticity) needs to be proven can vary considerably. <span class=\"popup-trigger popmake-2228\" data-popup-id=\"2228\" data-do-default=\"0\">First-factor<\/span> authentication \u2014 typically known as (User)ID &amp; Password authentication, but can also include the likes of <span class=\"popup-trigger popmake-523\" data-popup-id=\"523\" data-do-default=\"0\">Social<\/span> or <a href=\"https:\/\/discovery.cevolution.co.uk\/ciam\/authenticate\/login\/passwordless\/\" data-type=\"page\" data-id=\"1149\" target=\"_blank\" rel=\"noreferrer noopener\">Passwordless<\/a> authentication, etc. \u2014 is always a given. However, certain scenarios, such as those that involve performing financial or security-sensitive transactions, often benefit from the use of one or more additional factors.<\/p>\n<\/div>\n\n\n\n<div class=\"wp-block-column is-vertically-aligned-center is-layout-flow wp-block-column-is-layout-flow\" style=\"flex-basis:50%\"><h2 class=\"wp-block-heading has-text-align-right has-nv-text-dark-bg-color has-text-color\" id=\"mfa\">&#8230;vs Multi-Factor<\/h2>\n\n\n<p class=\"has-text-align-right has-nv-text-dark-bg-color has-text-color\">Multi-factor Authentication, typically known as <span class=\"popup-trigger popmake-428\" data-popup-id=\"428\" data-do-default=\"0\">MFA<\/span>, refers to the process whereby one (or more) factors are performed in addition to whatever <span class=\"popup-trigger popmake-2228\" data-popup-id=\"2228\" data-do-default=\"0\">first-factor<\/span> authentication occurs for a user. MFA \u2014 also known as 2-factor Authentication (or 2FA) where only one additional factor is used \u2014 provides for the additional verification of a user. MFA can occur immediately after First-Factor authentication or, in cases where <span class=\"popup-trigger popmake-397\" data-popup-id=\"397\" data-do-default=\"0\">SSO <\/span>is utilised, under certain conditions typically referred to as Step-Up Authentication.<\/p>\n<\/div>\n<\/div>\n<\/div>\n\n\n\n<div class=\"wp-block-group alignfull is-style-section-5 has-global-padding is-layout-constrained wp-block-group-is-layout-constrained is-style-section-5--4\" style=\"margin-top:0;margin-bottom:0;padding-top:var(--wp--preset--spacing--60);padding-bottom:var(--wp--preset--spacing--60)\">\n<div class=\"wp-block-columns alignwide is-layout-flex wp-container-core-columns-is-layout-28f84493 wp-block-columns-is-layout-flex\">\n<div class=\"wp-block-column is-vertically-aligned-center is-layout-flow wp-block-column-is-layout-flow\" style=\"flex-basis:50%\"><h2 class=\"wp-block-heading has-text-align-center has-nv-text-dark-bg-color has-text-color\" id=\"authentication-vs-authorization\">Authentication vs Authorization<\/h2>\n\n\n<p class=\"has-text-align-center has-nv-text-dark-bg-color has-text-color\">Whereas Authentication is the process of identifying access to a system, <a href=\"https:\/\/discovery.cevolution.co.uk\/ciam\/authorize\/\" data-type=\"page\" data-id=\"9\">Authorization<\/a> \u2014 a.k.a AuthZ \u2014 is typically referred to as the process of determining exactly what access is allowed and invariably requires Authentication as a pre-requisite!<\/p>\n<\/div>\n\n\n\n<div class=\"wp-block-column is-vertically-aligned-center has-accent-6-color has-text-color has-link-color wp-elements-ce301dd9736e15163c5a144e439939f8 has-global-padding is-layout-constrained wp-block-column-is-layout-constrained\" style=\"flex-basis:50%\">\n<figure class=\"wp-block-image aligncenter size-full has-custom-border ticss-b2005c81\"><a href=\"https:\/\/discovery.cevolution.co.uk\/ciam\/authorize\/\" target=\"_blank\" rel=\" noreferrer noopener\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"740\" src=\"https:\/\/discovery-bucket-ha60ib.s3.eu-west-2.amazonaws.com\/wp-content\/uploads\/sites\/22\/2025\/03\/01101043\/image-2-e1740823929428.png\" alt=\"\" class=\"wp-image-1285\" style=\"border-width:1px;border-radius:20px\" srcset=\"https:\/\/discovery-bucket-ha60ib.s3.eu-west-2.amazonaws.com\/wp-content\/uploads\/sites\/22\/2025\/03\/01101043\/image-2-e1740823929428.png 1024w, https:\/\/discovery-bucket-ha60ib.s3.eu-west-2.amazonaws.com\/wp-content\/uploads\/sites\/22\/2025\/03\/01101043\/image-2-e1740823929428-300x217.png 300w, https:\/\/discovery-bucket-ha60ib.s3.eu-west-2.amazonaws.com\/wp-content\/uploads\/sites\/22\/2025\/03\/01101043\/image-2-e1740823929428-768x555.png 768w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/a><\/figure>\n\n\n\n<p class=\"has-text-align-center has-base-color has-text-color has-link-color has-small-font-size wp-elements-7738b279b0aea19673d4ec565e220ce5\"><em>Click to follow<\/em><\/p>\n<\/div>\n<\/div>\n<\/div>\n\n\n\n<div class=\"wp-block-group alignfull is-style-default has-global-padding is-layout-constrained wp-block-group-is-layout-constrained\" style=\"padding-top:var(--wp--preset--spacing--50);padding-bottom:var(--wp--preset--spacing--50)\">\n<div class=\"wp-block-columns alignwide is-layout-flex wp-container-core-columns-is-layout-28f84493 wp-block-columns-is-layout-flex\">\n<div class=\"wp-block-column is-vertically-aligned-top is-layout-flow wp-block-column-is-layout-flow\" style=\"flex-basis:40%\">\n<h2 class=\"wp-block-heading\">Build vs Buy vs DIY<\/h2>\n\n\n\n<p class=\"has-text-align-left has-neve-text-color-color has-text-color\" style=\"padding-bottom:0\">You could build an in-house custom solution yourself&#8230;it&#8217;s certainly an option. Particularly if you have a team with the time, capacity, knowledge, and expertise to develop: <\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li style=\"margin-top:0;margin-bottom:0;padding-top:0;padding-bottom:0\"><span class=\"popup-trigger popmake-397\" data-popup-id=\"397\" data-do-default=\"0\">SSO<\/span>, <\/li>\n\n\n\n<li style=\"margin-top:0;margin-bottom:0;padding-bottom:0\">Leverage <span class=\"popup-trigger popmake-407\" data-popup-id=\"407\" data-do-default=\"0\">OIDC<\/span> and\/or <span class=\"popup-trigger popmake-470\" data-popup-id=\"470\" data-do-default=\"0\">SAML<\/span> for Authentication, <span class=\"popup-trigger popmake-523\" data-popup-id=\"523\" data-do-default=\"0\">Social<\/span> and\/or (Enterprise) <a data-type=\"page\" data-id=\"1136\" href=\"https:\/\/discovery.cevolution.co.uk\/ciam\/authenticate\/login\/federation\/\" target=\"_blank\" rel=\"noreferrer noopener\">Federation<\/a>, <\/li>\n\n\n\n<li style=\"margin-top:0;margin-bottom:0;padding-bottom:0\">Implement <a href=\"https:\/\/discovery.cevolution.co.uk\/ciam\/authenticate\/login\/passwordless\/\" data-type=\"page\" data-id=\"1149\">Passwordless<\/a>, <span class=\"popup-trigger popmake-1879\" data-popup-id=\"1879\" data-do-default=\"0\">Passkeys<\/span> and\/or <span class=\"popup-trigger popmake-428\" data-popup-id=\"428\" data-do-default=\"0\">MFA<\/span>, with optional<\/li>\n\n\n\n<li style=\"margin-top:0;margin-bottom:0\"><span class=\"popup-trigger popmake-467\" data-popup-id=\"467\" data-do-default=\"0\">OAuth 2.0<\/span> for <span class=\"popup-trigger popmake-2876\" data-popup-id=\"2876\" data-do-default=\"0\">API<\/span> Authorization, as well as<\/li>\n\n\n\n<li style=\"margin-top:0;margin-bottom:0;padding-bottom:0\">Deploy and maintain Attack Protection.<\/li>\n<\/ul>\n\n\n\n<p class=\"has-text-align-left has-neve-text-color-color has-text-color\">The alternative is to integrate with a <span class=\"popup-trigger popmake-2946 \" data-popup-id=\"2946\" data-do-default=\"0\">SaaS<\/span> solution provided by one of the popular vendors, and the cost of subscribing to one of these typically depends on the features you use and the number of active consumer identities you have.<\/p>\n<\/div>\n\n\n\n<div class=\"wp-block-column is-vertically-aligned-center has-global-padding is-layout-constrained wp-block-column-is-layout-constrained\" style=\"flex-basis:20%\">\n<div data-wp-context=\"{}\" data-wp-interactive=\"core\/query\" data-wp-key=\"3\" data-wp-router-region=\"query-3\" class=\"wp-block-query alignwide has-global-padding is-layout-constrained wp-block-query-is-layout-constrained\"><ul class=\"columns-1 wp-block-post-template has-small-font-size is-layout-grid wp-container-core-post-template-is-layout-2fe809ea wp-block-post-template-is-layout-grid\"><li data-wp-key=\"post-template-item-127\" class=\"wp-block-post post-127 post type-post status-publish format-standard has-post-thumbnail hentry category-integration tag-buyvsdiy tag-diy\">\n\n<div class=\"wp-block-group has-global-padding is-layout-constrained wp-block-group-is-layout-constrained\" style=\"padding-bottom:var(--wp--preset--spacing--50)\"><h2 style=\"margin-top:var(--wp--preset--spacing--30);\" class=\"has-text-align-center wp-block-post-title has-medium-font-size\"><a href=\"https:\/\/discovery.cevolution.co.uk\/ciam\/2025\/02\/22\/diy-or-buy\/\" target=\"_self\" >Build, Buy or DIY your CIAM Solution?<\/a><\/h2>\n\n<figure style=\"aspect-ratio:2\/3;\" class=\"wp-block-post-featured-image\"><a href=\"https:\/\/discovery.cevolution.co.uk\/ciam\/2025\/02\/22\/diy-or-buy\/\" target=\"_blank\"  ><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"768\" src=\"https:\/\/discovery-bucket-ha60ib.s3.eu-west-2.amazonaws.com\/wp-content\/uploads\/sites\/22\/2025\/01\/27141803\/create-a-high-resolution-detailed-diagonally-split-featured-image-focusing-on.png\" class=\"attachment-post-thumbnail size-post-thumbnail wp-post-image\" alt=\"Build, Buy or DIY your CIAM Solution?\" style=\"border-radius:20px;border-width:1px;width:100%;height:100%;object-fit:cover;box-shadow:var(--wp--preset--shadow--deep);\" srcset=\"https:\/\/discovery-bucket-ha60ib.s3.eu-west-2.amazonaws.com\/wp-content\/uploads\/sites\/22\/2025\/01\/27141803\/create-a-high-resolution-detailed-diagonally-split-featured-image-focusing-on.png 1024w, https:\/\/discovery-bucket-ha60ib.s3.eu-west-2.amazonaws.com\/wp-content\/uploads\/sites\/22\/2025\/01\/27141803\/create-a-high-resolution-detailed-diagonally-split-featured-image-focusing-on-300x225.png 300w, https:\/\/discovery-bucket-ha60ib.s3.eu-west-2.amazonaws.com\/wp-content\/uploads\/sites\/22\/2025\/01\/27141803\/create-a-high-resolution-detailed-diagonally-split-featured-image-focusing-on-768x576.png 768w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/a><\/figure>\n\n\n<p class=\"has-text-align-center has-small-font-size\"><em>Click to read the blog post<\/em><\/p>\n<\/div>\n\n<\/li><\/ul><\/div>\n<\/div>\n\n\n\n<div class=\"wp-block-column is-vertically-aligned-top is-layout-flow wp-block-column-is-layout-flow\" style=\"flex-basis:40%\">\n<p>With vendor-based <span class=\"popup-trigger popmake-1185\" data-popup-id=\"1185\" data-do-default=\"0\">CIAM<\/span>, the cost is typically associated with the platform hosting the backend service(s) that deliver <a data-type=\"page\" data-id=\"6\" href=\"https:\/\/discovery.cevolution.co.uk\/ciam\/authenticate\/\" target=\"_blank\" rel=\"noreferrer noopener\">Authentication<\/a>, <a data-type=\"page\" data-id=\"9\" href=\"https:\/\/discovery.cevolution.co.uk\/ciam\/authorize\/\" target=\"_blank\" rel=\"noreferrer noopener\">Authorization<\/a>, <a data-type=\"page\" data-id=\"18\" href=\"https:\/\/discovery.cevolution.co.uk\/ciam\/manage\/\" target=\"_blank\" rel=\"noreferrer noopener\">Management<\/a> and <a data-type=\"page\" data-id=\"24\" href=\"https:\/\/discovery.cevolution.co.uk\/ciam\/protect\/\" target=\"_blank\" rel=\"noreferrer noopener\">Protection<\/a> from attack. <\/p>\n\n\n\n<p>With consumer-oriented SaaS, much of this infrastructure is already in place: cloud-based &#8220;compute&#8221;, database, network resources, etc., could be a necessity for your solution, and delivering these at scale may be something you also need to do.<\/p>\n\n\n\n<p>Deploying a standards-based (open-source) DIY solution within your existing infrastructure might provide a more cost-effective approach, delivering secure and robust <span class=\"popup-trigger popmake-1185\" data-popup-id=\"1185\" data-do-default=\"0\">CIAM<\/span> without the need to build everything yourself and with the added benefit of more flexibility and control.<\/p>\n<\/div>\n<\/div>\n<\/div>\n\n\n\n<div class=\"wp-block-group alignfull has-global-padding is-layout-constrained wp-container-core-group-is-layout-0d85de7f wp-block-group-is-layout-constrained\" style=\"margin-top:0;margin-bottom:0;padding-top:var(--wp--preset--spacing--60);padding-bottom:var(--wp--preset--spacing--60)\">\n<div class=\"wp-block-group alignwide is-layout-flow wp-block-group-is-layout-flow\">\n<p class=\"has-text-align-center is-style-text-display is-style-text-display--5\" style=\"font-style:normal;font-weight:400\">Questions? Comments? <br>Feel free to reach out!<\/p>\n\n\n\n<div style=\"height:var(--wp--preset--spacing--40)\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<ul class=\"wp-block-social-links has-large-icon-size has-icon-color is-style-logos-only is-content-justification-center is-layout-flex wp-container-core-social-links-is-layout-a89b3969 wp-block-social-links-is-layout-flex\"><li class=\"wp-social-link wp-social-link-linkedin has-contrast-color wp-block-social-link\"><a href=\"https:\/\/www.linkedin.com\/in\/pgfernandez\/\" class=\"wp-block-social-link-anchor\"><svg width=\"24\" height=\"24\" viewBox=\"0 0 24 24\" version=\"1.1\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" aria-hidden=\"true\" focusable=\"false\"><path d=\"M19.7,3H4.3C3.582,3,3,3.582,3,4.3v15.4C3,20.418,3.582,21,4.3,21h15.4c0.718,0,1.3-0.582,1.3-1.3V4.3 C21,3.582,20.418,3,19.7,3z M8.339,18.338H5.667v-8.59h2.672V18.338z M7.004,8.574c-0.857,0-1.549-0.694-1.549-1.548 c0-0.855,0.691-1.548,1.549-1.548c0.854,0,1.547,0.694,1.547,1.548C8.551,7.881,7.858,8.574,7.004,8.574z M18.339,18.338h-2.669 v-4.177c0-0.996-0.017-2.278-1.387-2.278c-1.389,0-1.601,1.086-1.601,2.206v4.249h-2.667v-8.59h2.559v1.174h0.037 c0.356-0.675,1.227-1.387,2.526-1.387c2.703,0,3.203,1.779,3.203,4.092V18.338z\"><\/path><\/svg><span class=\"wp-block-social-link-label screen-reader-text\">LinkedIn<\/span><\/a><\/li>\n\n<li class=\"wp-social-link wp-social-link-threads has-contrast-color wp-block-social-link\"><a href=\"https:\/\/www.threads.net\/@petefern\" class=\"wp-block-social-link-anchor\"><svg width=\"24\" height=\"24\" viewBox=\"0 0 24 24\" version=\"1.1\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" aria-hidden=\"true\" focusable=\"false\"><path d=\"M16.3 11.3c-.1 0-.2-.1-.2-.1-.1-2.6-1.5-4-3.9-4-1.4 0-2.6.6-3.3 1.7l1.3.9c.5-.8 1.4-1 2-1 .8 0 1.4.2 1.7.7.3.3.5.8.5 1.3-.7-.1-1.4-.2-2.2-.1-2.2.1-3.7 1.4-3.6 3.2 0 .9.5 1.7 1.3 2.2.7.4 1.5.6 2.4.6 1.2-.1 2.1-.5 2.7-1.3.5-.6.8-1.4.9-2.4.6.3 1 .8 1.2 1.3.4.9.4 2.4-.8 3.6-1.1 1.1-2.3 1.5-4.3 1.5-2.1 0-3.8-.7-4.8-2S5.7 14.3 5.7 12c0-2.3.5-4.1 1.5-5.4 1.1-1.3 2.7-2 4.8-2 2.2 0 3.8.7 4.9 2 .5.7.9 1.5 1.2 2.5l1.5-.4c-.3-1.2-.8-2.2-1.5-3.1-1.3-1.7-3.3-2.6-6-2.6-2.6 0-4.7.9-6 2.6C4.9 7.2 4.3 9.3 4.3 12s.6 4.8 1.9 6.4c1.4 1.7 3.4 2.6 6 2.6 2.3 0 4-.6 5.3-2 1.8-1.8 1.7-4 1.1-5.4-.4-.9-1.2-1.7-2.3-2.3zm-4 3.8c-1 .1-2-.4-2-1.3 0-.7.5-1.5 2.1-1.6h.5c.6 0 1.1.1 1.6.2-.2 2.3-1.3 2.7-2.2 2.7z\"\/><\/svg><span class=\"wp-block-social-link-label screen-reader-text\">Threads<\/span><\/a><\/li>\n\n<li class=\"wp-social-link wp-social-link-bluesky has-contrast-color wp-block-social-link\"><a href=\"https:\/\/bsky.app\/profile\/petergf24.bsky.social\" class=\"wp-block-social-link-anchor\"><svg width=\"24\" height=\"24\" viewBox=\"0 0 24 24\" version=\"1.1\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" aria-hidden=\"true\" focusable=\"false\"><path d=\"M6.3,4.2c2.3,1.7,4.8,5.3,5.7,7.2.9-1.9,3.4-5.4,5.7-7.2,1.7-1.3,4.3-2.2,4.3.9s-.4,5.2-.6,5.9c-.7,2.6-3.3,3.2-5.6,2.8,4,.7,5.1,3,2.9,5.3-5,5.2-6.7-2.8-6.7-2.8,0,0-1.7,8-6.7,2.8-2.2-2.3-1.2-4.6,2.9-5.3-2.3.4-4.9-.3-5.6-2.8-.2-.7-.6-5.3-.6-5.9,0-3.1,2.7-2.1,4.3-.9h0Z\"><\/path><\/svg><span class=\"wp-block-social-link-label screen-reader-text\">Bluesky<\/span><\/a><\/li>\n\n<li class=\"wp-social-link wp-social-link-wordpress has-contrast-color wp-block-social-link\"><a href=\"https:\/\/wordpress.com\/reader\/users\/peterfernandez2016\" class=\"wp-block-social-link-anchor\"><svg width=\"24\" height=\"24\" viewBox=\"0 0 24 24\" version=\"1.1\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" aria-hidden=\"true\" focusable=\"false\"><path d=\"M12.158,12.786L9.46,20.625c0.806,0.237,1.657,0.366,2.54,0.366c1.047,0,2.051-0.181,2.986-0.51 c-0.024-0.038-0.046-0.079-0.065-0.124L12.158,12.786z M3.009,12c0,3.559,2.068,6.634,5.067,8.092L3.788,8.341 C3.289,9.459,3.009,10.696,3.009,12z M18.069,11.546c0-1.112-0.399-1.881-0.741-2.48c-0.456-0.741-0.883-1.368-0.883-2.109 c0-0.826,0.627-1.596,1.51-1.596c0.04,0,0.078,0.005,0.116,0.007C16.472,3.904,14.34,3.009,12,3.009 c-3.141,0-5.904,1.612-7.512,4.052c0.211,0.007,0.41,0.011,0.579,0.011c0.94,0,2.396-0.114,2.396-0.114 C7.947,6.93,8.004,7.642,7.52,7.699c0,0-0.487,0.057-1.029,0.085l3.274,9.739l1.968-5.901l-1.401-3.838 C9.848,7.756,9.389,7.699,9.389,7.699C8.904,7.67,8.961,6.93,9.446,6.958c0,0,1.484,0.114,2.368,0.114 c0.94,0,2.397-0.114,2.397-0.114c0.485-0.028,0.542,0.684,0.057,0.741c0,0-0.488,0.057-1.029,0.085l3.249,9.665l0.897-2.996 C17.841,13.284,18.069,12.316,18.069,11.546z M19.889,7.686c0.039,0.286,0.06,0.593,0.06,0.924c0,0.912-0.171,1.938-0.684,3.22 l-2.746,7.94c2.673-1.558,4.47-4.454,4.47-7.771C20.991,10.436,20.591,8.967,19.889,7.686z M12,22C6.486,22,2,17.514,2,12 C2,6.486,6.486,2,12,2c5.514,0,10,4.486,10,10C22,17.514,17.514,22,12,22z\"><\/path><\/svg><span class=\"wp-block-social-link-label screen-reader-text\">WordPress<\/span><\/a><\/li>\n\n<li class=\"wp-social-link wp-social-link-x has-contrast-color wp-block-social-link\"><a href=\"https:\/\/x.com\/petergfern\" class=\"wp-block-social-link-anchor\"><svg width=\"24\" height=\"24\" viewBox=\"0 0 24 24\" version=\"1.1\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" aria-hidden=\"true\" focusable=\"false\"><path d=\"M13.982 10.622 20.54 3h-1.554l-5.693 6.618L8.745 3H3.5l6.876 10.007L3.5 21h1.554l6.012-6.989L15.868 21h5.245l-7.131-10.378Zm-2.128 2.474-.697-.997-5.543-7.93H8l4.474 6.4.697.996 5.815 8.318h-2.387l-4.745-6.787Z\" \/><\/svg><span class=\"wp-block-social-link-label screen-reader-text\">X<\/span><\/a><\/li><\/ul>\n<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>Authentication, however, isn&#8217;t just about security: a good authentication solution can help you provide a consistent experience no matter how your application is used. Hi, I&#8217;m Peter Fernandez, and as a CIAM expert, I want to share my experience building modern Authentication (a.k.a. AuthN) into modern applications. Authentication in a CIAM context comes in all [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":132,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"page-no-title","meta":{"authenticate":"","authentication":"","authenticatedMethod":"","authenticatedMember":"","authorizedPermissions":[],"footnotes":"","_links_to":"","_links_to_target":""},"class_list":["post-6","page","type-page","status-publish","has-post-thumbnail","hentry"],"aioseo_notices":[],"jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/discovery.cevolution.co.uk\/ciam\/wp-json\/wp\/v2\/pages\/6","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/discovery.cevolution.co.uk\/ciam\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/discovery.cevolution.co.uk\/ciam\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/discovery.cevolution.co.uk\/ciam\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/discovery.cevolution.co.uk\/ciam\/wp-json\/wp\/v2\/comments?post=6"}],"version-history":[{"count":76,"href":"https:\/\/discovery.cevolution.co.uk\/ciam\/wp-json\/wp\/v2\/pages\/6\/revisions"}],"predecessor-version":[{"id":5254,"href":"https:\/\/discovery.cevolution.co.uk\/ciam\/wp-json\/wp\/v2\/pages\/6\/revisions\/5254"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/discovery.cevolution.co.uk\/ciam\/wp-json\/wp\/v2\/media\/132"}],"wp:attachment":[{"href":"https:\/\/discovery.cevolution.co.uk\/ciam\/wp-json\/wp\/v2\/media?parent=6"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}